|
210411
|
8.8 |
HIGH
Adjacent
|
netgear
|
r6700_firmware
|
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Although authentication is required to exploit this…
|
-
|
CVE-2020-10924
|
2024-11-21 13:56 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210412
|
8.8 |
HIGH
Adjacent
|
netgear
|
r6700_firmware
|
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vuln…
|
-
|
CVE-2020-10923
|
2024-11-21 13:56 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210413
|
5.4 |
MEDIUM
Network
|
grafana
netapp
|
grafana
e-series_performance_analyzer
|
Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open …
|
CWE-79
Cross-site Scripting
|
CVE-2020-11110
|
2024-11-21 13:56 |
2020-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210414
|
7.5 |
HIGH
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not require…
|
CWE-20
Improper Input Validation
|
CVE-2020-10922
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210415
|
9.8 |
CRITICAL
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to issue commands on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vuln…
|
-
|
CVE-2020-10921
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210416
|
9.8 |
CRITICAL
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit t…
|
-
|
CVE-2020-10920
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210417
|
5.9 |
MEDIUM
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to e…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10919
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210418
|
7.5 |
HIGH
Network
|
automationdirect
|
c-more_hmi_ea9_firmware
|
This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit th…
|
-
|
CVE-2020-10918
|
2024-11-21 13:56 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210419
|
9.8 |
CRITICAL
Network
|
nec
|
esmpro_manager
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific f…
|
-
|
CVE-2020-10917
|
2024-11-21 13:56 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210420
|
5.4 |
MEDIUM
Network
|
ipear_project
|
ipear
|
In iPear, the manual execution of the eval() function can lead to command injection. Only PCs where commands are manually executed via "For Developers" are affected. This function allows executing an…
|
CWE-77
Command Injection
|
CVE-2020-11084
|
2024-11-21 13:56 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
